Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restructure auth #1057

Merged
merged 4 commits into from
Sep 17, 2024
Merged

Restructure auth #1057

merged 4 commits into from
Sep 17, 2024

Commits on Sep 17, 2024

  1. Stop asking for a username

    @mdellweg
    mdellweg committed Sep 17, 2024
    Configuration menu
    Copy the full SHA
    45171c3 View commit details
    Browse the repository at this point in the history

  2. Change oauth2 client parameters 

    This introduces --client-id and --client-auth. Users can now infer the
authentication to use in face of multiple available security proposals.
    @mdellweg
    mdellweg committed Sep 17, 2024
    Configuration menu
    Copy the full SHA
    b600515 View commit details
    Browse the repository at this point in the history

  3. BasicAuth instead of post data for OAuth2 token 

    According to RFC6749 Section 2.3.1 all token servers are required to
support http basic auth. Instead supporting the credentials as post
data is specified as optional. Furthermore the RCF discourages using
the latter.
    @mdellweg
    mdellweg committed Sep 17, 2024
    Configuration menu
    Copy the full SHA
    c49ad4d View commit details
    Browse the repository at this point in the history

  4. Memoize auth objects 

    Auth objects provided by the pulpcli auth provider are memoized. This
way, no password needs to be written back to the pulp_ctx variable and
the oauth token can be cached in memory for the lifetime of the context.
    @mdellweg
    mdellweg committed Sep 17, 2024
    Configuration menu
    Copy the full SHA
    e9535de View commit details
    Browse the repository at this point in the history